Logo
programming4us
programming4us
programming4us
programming4us
Home
programming4us
XP
programming4us
Windows Vista
programming4us
Windows 7
programming4us
Windows Azure
programming4us
Windows Server
programming4us
Windows Phone
 
Windows Server

SharePoint 2010 : Introducing SharePoint Security

6/25/2011 11:34:47 AM
As Microsoft SharePoint Products and Technologies mature, more organizations are using SharePoint sites to upload sensitive information that needs to be properly secured. This phenomenon is predictable, since an increasing use of SharePoint for collaboration and information hosting activities would naturally lead users to upload information that needs to be secured. There is a perception among a sizable number of security professionals and information technology administrators that the SharePoint platform is not a secure platform.

Microsoft SharePoint 2010, when properly configured, offers tight security and can work well in rather demanding environments. But getting the product properly configured requires teamwork, training, and an understanding of how SharePoint security works. Depending on the level of security you want to achieve, both in terms of breadth and granularity, you might need to work with one or several layers of security available within the SharePoint platform.

Introducing SharePoint Security

SharePoint security is managed at every level of the hierarchy. Conceptually, you can think of a SharePoint farm as consisting of a hierarchy of elements as shown in Figure 1. The important concept to understand here is that there are security settings at nearly every level and that these settings “pass through” or apply to the down-level containers, too.

Figure 1. The hierarchy of elements in a SharePoint farm


When you take a long step back and look at how content is actually hosted in SharePoint, it is really accomplished within a series of nested containers: Content items are hosted in a list. Lists are hosted in sites. Sites are hosted in site collections. Site collections are hosted within managed paths (even the root site of a Web application is hosted in a hidden managed path called root), and managed paths are hosted in Web applications.

Granted, some content is hosted in publishing pages directly, so keep in mind that the previous paragraph’s simple explanation is not making a sweeping statement without any exceptions in SharePoint. But it is fair to say that the majority of the content hosted in SharePoint in done so in lists. Document libraries, under the hood, are really just complex lists, with a customized view that exposes the documents instead of the list items to which the documents are attached.

The reason it is important to understand the structure—how SharePoint content storage is set up—is because different parts of SharePoint security are applied at different “layers.” Some security is applied at the Web application layer, whereas other security is applied at the content item layer. Figure 2 offers an outline of how security is applied within SharePoint 2010.


Note:

Site quotes, audiences, database status, and alternate access mappings are not security features in SharePoint 2010. Site quotes and database status instead are focused on setting capacity limits, alternate access mappings provide alternate URLs to the existing content, and audiences are really a view-crafting feature.


Figure 2. SharePoint security feature mapping to SharePoint “layers”


Security is commonly thought of as being applied to content, and although this is certainly true within SharePoint 2010, security is more than this. Security is about access—access to content, but also access to the containers that host the content. So it is reasonable to assume that by blocking access to a container at an upper layer, such as a Web application, you can effectively block access to an entire set of content without having to visit and configure each list in which the content resides.

The interplay of security settings at the different layers within SharePoint will force the information technology (IT) team and SharePoint users to communicate better about how security should be set. The product is designed to allow the management of security settings applied directly to content by nontechnical end users who are the owners of the content. IT personnel don’t (at least not often) get involved in this process. However, there are some settings that are configured only by the IT administrators (or SharePoint farm administrations if you have a separate team managing your SharePoint deployment) through Central Administration, because they are only available in the Central Administration interface or through Windows PowerShell.

You might think that the appropriate manager of a particular SharePoint “layer” should be the individual who would make changes to the security settings for that layer. But since many of these security settings affect other settings in other layers, it is critical to maintain communication and coordination between those involved to ensure that SharePoint is secured correctly.

Other -----------------
- SQL Server 2008 : SQL Server Configuration Manager (part 2) - SQL Server Network Configuration
- SQL Server 2008 : SQL Server Configuration Manager (part 2) - SQL Server Network Configuration
- SQL Server 2008 : SQL Server Configuration Manager (part 1) - SQL Server Services
- BizTalk 2009 : WCF LOB Adapter SDK - WCF LOB Adapter Vivisected
- BizTalk 2009 : WCF LOB Adapter SDK - WCF LOB Adapters vs. WCF Services
- BizTalk 2009 : Understanding the WCF LOB Adapter
- SQL Server 2008 High Availability : Database Clustering
- SQL Server 2008 High Availability : Database Mirroring (part 2) - SharePoint and Database Mirroring
- SQL Server 2008 High Availability : Database Mirroring (part 1) - How to Configure Database Mirroring
- Sharepoint 2010 : SharePoint Disaster Recovery Testing and Maintenance
 
 
Top 10 video Game
-   BlazBlue Chrono Phantasma EXTEND | Launch Trailer
-   Allison Road | Prototype Gameplay
-   Clash of Clans | 'Dark Spell Factory' Update
-   Shoppe Keep [PC] Debut Trailer
-   Orcs Must Die! Unchained [PC] What's New in Endless Summer v2.3 Patch
-   Gunpowder [PC] Launch Trailer
-   Uncharted 4: A Thief's End | E3 2015 Extended Gameplay Trailer
-   V.Next [PC] Kickstarter Trailer
-   Renowned Explorers [PC] Launch Date Trailer
-   The Void (Game Trailer)
-   World of Warships [PC] Open Beta Trailer
-   F1 2015 | Features Trailer
-   Battle Fantasia Revised Edition | Debut Trailer for Steam
-   Victor Vran [PC] Story Trailer
-   Star Wars Battlefront PC Alpha footage
Popular tags
Microsoft Access Microsoft Excel Microsoft OneNote Microsoft PowerPoint Microsoft Project Microsoft Visio Microsoft Word Active Directory Biztalk Exchange Server Microsoft LynC Server Microsoft Dynamic Sharepoint Sql Server Windows Server 2008 Windows Server 2012 Windows 7 Windows 8 windows Phone 7 windows Phone 8
programming4us programming4us
 
Popular keywords
HOW TO Swimlane in Visio Visio sort key Pen and Touch Creating groups in Windows Server Raid in Windows Server Exchange 2010 maintenance Exchange server mail enabled groups Debugging Tools Collaborating
programming4us programming4us
PS4 game trailer XBox One game trailer
WiiU game trailer 3ds game trailer
Trailer game
 
programming4us
Natural Miscarriage
programming4us
Windows Vista
programming4us
Windows 7
programming4us
Windows Azure
programming4us
Windows Server
programming4us
Game Trailer